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REMARKS 



The Examiner has objected to Claim 13 due to informalities. Applicant 
respectfully asserts that such objection has been avoided in view of the clarification made 
to the claim. 



The Examiner has rejected Claims 1, 2, 4-14, 16-26 and 28-42 under 35 U.S.C 
102(e) as being anticipated by Annicchiarico et al. (U.S. Patent No. 6,247,148). 
Applicant respectfully disagrees with such rejection, e$pecially in view of the 
amendments made hereinabove. 



With respect to independent Claims 1, 13 and 25, the Examiner has relied on Col. 
4, lines 20-52 in Annicchiarico to make a prior art showing of applicant's claimed 
"masking the portion of outgoing network data to impersonate a different operating 
system in accordance with a security policy if the network is an untrusted network" (see 
the same or similar, but not necessarily identical language in each of the foregoing 
claims). 



Applicant respectfully asserts that such excerpt merely relates to "means for 
mimicking the architecture of another operating system so that they call extension 
subroutines for processing input (and/or output) instead of its own, while at the same time 
providing a means for returning the operating system to its normal state after the use of 
the extension is completed." Thus, Annicchiarico only discloses calling subroutines from 
a different operating system with respect to input and output devices (e.g. keyboard and 
mouse-see excerpt relied on by the Examiner). Applicant notes that simply nowhere in 
Annicchiarico is there any disclosure of "a .security policy," let alone tasking the 
portion of outgoing network data to impersonate a different operating system ; 
accordance with [the] security, policy if the network is an untrusted ™tw^y ; 
specifically claimed by applicant (emphasis added). 



m 

' as 
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With respect to each of the independent claims, the Examiner has failed to even 
address applicant's claimed "preventing] identification of the operating system by 
impersonating the different operating system, for misleading attackers into attempting 
attacks that are unworkable on the operating system." Applicant respectfully asserts that 
Annicchiarico does not meet such specific claim language since Annicchiarico only 
relates to Mimicking the architecture of another operating system.. .[to] call extension 
subroutines for processin g input (and/or output) instead of its own" (Col. 4, lines 20-52- 
emphasis added). 

Simply nowhere does Annicchiarico even suggest "prevent[ing] identification of 
the operating system... for misleading attackers into attempting mtacln. »~ 
un workable on the operating system, " as specifically claimed by applicant (emphasis 
added). Instead, Annicchiarico teaches intercepting keyboard and mouse input and 
utilizing subroutines of another operating system to process such input (Col. 4, lines 31- 
42). Clearly, such teaching does not even suggest any sort of "outgoing network data," 
etc., as claimed by applicant. 

Applicant further emphasizes the amendments made hereinabove to independent 
Claims 1, 13 and 25 as follows: 

"conditionally masking the portion of outgoing network data to 
impersonate a different operating system in accordance with a security policy if 
the network is an untrusted network" (see the same or similar, but not necessarily 
identical language in each of the foregoing claims). 

Applicant respectfully asserts that nowhere in Annicchiarico is there any 
disclosure of "conditionally masking. . .outgoing network data," in the manner claimed by 
applicant. 

The Examiner is reminded that a claim is anticipated only if each and every 
element as set forth in the claim is found, eilher expressly or inherently described in a 
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single prior art reference. Verdegaal Bros. v. Union Oil Co. Of California, 814 F.2d 628, 
63l,2USPQ2d 1051, 1053 (Fed. Cir. 1987). Moreover, the identical invention must be ' 
shown in as complete detail as contained in the claim. Richardson v. Suzuki Motor 
0*868 F.2d 1226, 1236, 9USPQ2d 1913, 1920 (Fed. Cir. 1989). The elements must be 
arranged as required by the claim. 

This criterion has simply not been met by the Anmcchiarico reference, especially 
in view of the amendments made hereinabove. A notice of allowance or a specific prior 
art showing of each of the foregoing claimed features, in combination with the remaining 
claimed features, is respectfully requested. 

Applicant further notes that the prior art is also deficient with respect to the 
dependent claims. Just by way of example, with respect to Clahn2 et al., the Examiner 
has relied on Col. 4, line 53-Coh 5, line 8 in Anmcchiarico to make apriar art showing of 
applicant's claimed technique "wherein masking the portion comprises: discarding the 
portion of outgoing network data." Applicant respectfully asserts that such excerpt only 
discloses "swapping the address of the XTrap extension output handling routine with the 
address of the X server output handling routine." Clearly, swapping addresses such that 
different routines are called does not even suggest "discarding the portion of outgoing 
network data," as claimed by applicant (emphasis added). 

With respect to Claim 4 et al., the Examiner has relied on CoL 4, lines 20-52 in 
Anmcchiarico to make a prior art showing of applicant's claimed technique "wherein the 
security policy identifies the portion of outgoing network data and specifies an action to 
take to mask the portion of outgoing network data." Applicant respectfully asserts that 
simply nowhere in such excerpt, nor in the entire Anmcchiarico reference, is there any 
disclosure of a security policy, let alone a "security policy [that] identifies the portion of 
outgoing network data and specifies an action to take to mask the portion of outgoing 
network data," as claimed by applicant (emphasis added). Applicant notes that 
Anmcchiarico only generally teaches <<niimiclring the architecture. . .[to] call extension 
subroutines. . .instead of its own," but not specifically utilizing a security policy, and 
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especially not to identify outgoing network data and specify an action to take, in the 
manner claimed by applicant. 

With respect to Claim 6 et aL, the Examiner has relied on Col. 3, lines 40-46 in 
Annicchiarico to make a prior art showing of applicant's claimed technique "wherein the 
security policy further defines the network as untrusted." Applicant respectfully asserts 
that such excerpt merely discloses "intercepting] the input, reformatting] a copy of the 
input. . .and sending] the original input to the server." Simply nowhere in the excerpt 
relied on by the Examiner is there even a suggestion of "defining] the network as 
untrusted," as claimed by applicant (emphasis added). 

With respect to Claim 9 et aL, the Examiner has relied on Col. 5, lines 29-48 in 
Annicchiarico to make a prior art showing of applicant's claimed "transmitting the 
portion of outgoing network data unchanged if the network is a trusted network." 
Applicant notes that such excerpt only relates to a bit fields, but not to any sort of trusted 
network, and especially not to transmitting any sort of network data unchanged "if the 
network is a trusted network," as specifically claimed by applicant. 

Applicant again respectfully asserts that the Annicchiarico reference fails to meet 
all of applicant's claim limitations, for the reasons noted hereinabove. A notice of 
allowance or a specific prior art showing of each of the foregoing claimed features, in 
combination with the remaining claimed features, is respectfully requested. 

Thus, all of the independent claims are deemed allowable. Moreover, the 
remaining dependent claims are further deemed allowable, in view of their dependence 
on such independent claims. 

In the event a telephone conversation would expedite the prosecution of this 
application, the Examiner may reach the undersigned at (408) 505-5100. The 
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Cornmissioner is authorized to charge any additional fees or credit any overpayment to 
Deposit Account No. 50-1351 (Order No. NAI1P350/01.022.01). 

Respectfully submitted, 
Zilfc^^JPC. 



P.O. Box 721 120 Registration No. 41,429 

San Jose, CA 95172-1 120 
408-505-5100 
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